Class ComposerLockAnalyzer

java.lang.Object

org.owasp.dependencycheck.analyzer.AbstractAnalyzer

org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer

org.owasp.dependencycheck.analyzer.ComposerLockAnalyzer

All Implemented Interfaces:

FileFilter, Analyzer, FileTypeAnalyzer

public class ComposerLockAnalyzer
extends AbstractFileTypeAnalyzer

Used to analyze a composer.lock file for a composer PHP app.

Author:

colezlaw

Field Summary

Fields

Modifier and Type	Field	Description
static final String	DEPENDENCY_ECOSYSTEM	A descriptor for the type of dependencies processed or added by this analyzer.

Constructor Summary

Constructors

Constructor	Description
ComposerLockAnalyzer()

Method Summary

Modifier and Type	Method	Description
protected void	analyzeDependency(Dependency dependency, Engine engine)	Entry point for the analyzer.
AnalysisPhase	getAnalysisPhase()	Returns the phase this analyzer should run under.
protected String	getAnalyzerEnabledSettingKey()	Gets the key to determine whether the analyzer is enabled.
protected FileFilter	getFileFilter()	Returns the FileFilter.
String	getName()	Returns the analyzer's name.
protected void	prepareFileTypeAnalyzer(Engine engine)	Initializes the analyzer.

Methods inherited from class AbstractFileTypeAnalyzer

accept, getFilesMatched, newHashSet, prepareAnalyzer, setFilesMatched

Methods inherited from class AbstractAnalyzer

analyze, close, closeAnalyzer, getSettings, initialize, isEnabled, prepare, setEnabled, supportsParallelProcessing

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface Analyzer

analyze, close, initialize, isEnabled, prepare, supportsParallelProcessing

Field Details

DEPENDENCY_ECOSYSTEM

public static final String DEPENDENCY_ECOSYSTEM

A descriptor for the type of dependencies processed or added by this analyzer.

See Also:

• Constant Field Values

Constructor Details

ComposerLockAnalyzer

public ComposerLockAnalyzer()

Method Details

getFileFilter

protected FileFilter getFileFilter()

Returns the FileFilter.

Specified by:

getFileFilter in class AbstractFileTypeAnalyzer

Returns:

the FileFilter

prepareFileTypeAnalyzer

protected void prepareFileTypeAnalyzer(Engine engine)
                                throws InitializationException

Initializes the analyzer.

Specified by:

prepareFileTypeAnalyzer in class AbstractFileTypeAnalyzer

Parameters:

engine - a reference to the dependency-check engine

Throws:

InitializationException - thrown if an exception occurs getting an instance of SHA1

analyzeDependency

protected void analyzeDependency(Dependency dependency,
 Engine engine)
                          throws AnalysisException

Entry point for the analyzer.

Specified by:

analyzeDependency in class AbstractAnalyzer

Parameters:

dependency - the dependency to analyze

engine - the engine scanning

Throws:

AnalysisException - if there's a failure during analysis

getAnalyzerEnabledSettingKey

protected String getAnalyzerEnabledSettingKey()

Gets the key to determine whether the analyzer is enabled.

Specified by:

getAnalyzerEnabledSettingKey in class AbstractAnalyzer

Returns:

the key specifying whether the analyzer is enabled

getName

public String getName()

Returns the analyzer's name.

Returns:

the analyzer's name

getAnalysisPhase

public AnalysisPhase getAnalysisPhase()

Returns the phase this analyzer should run under.

Returns:

the analysis phase